Lamdaemon: update group of home directory if user's primary group changes

Roland Gruber 2015-05-22 17:22:01 +00:00
parent 50c5a65b98
commit 3f175a9823
4 changed files with 71 additions and 4 deletions


@ -2,6 +2,8 @@ June 2015
- Microsoft IE 8 no longer supported - Microsoft IE 8 no longer supported
- Security: added CSRF protection - Security: added CSRF protection
- Zarafa users: allow to change display format of "Send As" - Zarafa users: allow to change display format of "Send As"
- User list: support to filter by account status
- Lamdaemon: update group of home directory if user's primary group changes
- LAM Pro: - LAM Pro:
-> Password Self Reset: added 389 Directory Server schema file -> Password Self Reset: added 389 Directory Server schema file


@ -4,7 +4,7 @@
# #
# This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) # This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
# Copyright (C) 2003 - 2006 Tilo Lutz # Copyright (C) 2003 - 2006 Tilo Lutz
# Copyright (C) 2006 - 2014 Roland Gruber # Copyright (C) 2006 - 2015 Roland Gruber
# #
# This program is free software; you can redistribute it and/or modify # This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by # it under the terms of the GNU General Public License as published by
@ -27,7 +27,7 @@ use Sys::Syslog;
# Defines the protocol version of the lamdaemon script. # Defines the protocol version of the lamdaemon script.
# This will only be changed when additional commands are added etc. # This will only be changed when additional commands are added etc.
my $LAMDAEMON_PROTOCOL_VERSION = 4; my $LAMDAEMON_PROTOCOL_VERSION = 5;
my $SPLIT_DELIMITER = "###x##y##x###"; my $SPLIT_DELIMITER = "###x##y##x###";
@ -196,6 +196,9 @@ sub manageHomedirs {
elsif ($vals[2] eq 'rem') { elsif ($vals[2] eq 'rem') {
removeHomedir(); removeHomedir();
} }
elsif ($vals[2] eq 'chgrp') {
chgrpHomedir();
}
elsif ($vals[2] eq 'move') { elsif ($vals[2] eq 'move') {
moveHomedir(); moveHomedir();
} }
@ -312,6 +315,37 @@ sub moveHomedir {
($<, $>) = ($>, $<); # Give up root previleges ($<, $>) = ($>, $<); # Give up root previleges
} }
#
# Changes the group of the home directory of the user.
#
sub chgrpHomedir {
my $homedir = $vals[3];
my $owner = $vals[4];
my $group = $vals[5];
if ($homedir eq '') {
$return = "ERROR,Lamdaemon ($hostname),No home directory specified to move.";
logMessage(LOG_ERR, "No home directory specified to move.");
return;
}
($<, $>) = ($>, $<); # Get root previliges
if (-d $homedir && $homedir ne '/') {
if ((stat($homedir))[4] eq $owner) {
system 'chgrp', $group, $homedir; # change group
$return = "Ok";
logMessage(LOG_INFO, "Home directory changed to new group ($homedir - $group)");
}
else {
$return = "ERROR,Lamdaemon ($hostname),Home directory not owned by $owner.";
logMessage(LOG_ERR, "Home directory owned by wrong user (" . $owner . ")");
}
}
else {
$return = "Ok";
logMessage(LOG_INFO, "The directory " . $homedir . " which should be changed was not found (skipped).");
}
($<, $>) = ($>, $<); # Give up root previleges
}
# #
# Checks if the home directory of the user already exists. # Checks if the home directory of the user already exists.
# #
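Review bot: In `chgrpHomedir` the exit status of `system 'chgrp', $group, $homedir;` is ignored, so `$return = "Ok"` and the LOG_INFO entry are produced even when chgrp fails. Because the call runs with root privileges on values taken directly from `@vals`, `$group` should be checked before the privilege swap, e.g. `if ($group !~ /\A\d+\z/) { ... ERROR reply ...; return; }` (the PHP caller in this commit sends a gidNumber). The call itself could become `system('chgrp', '--', $group, $homedir) == 0`, which decides between "Ok" and an ERROR reply and keeps either operand from being parsed as an option. The empty-path branch still says "No home directory specified to move.", apparently copied from moveHomedir. The wrong-owner log line prints the expected `$owner` rather than the uid that `stat` returned, which makes the entry less useful when investigating a mismatch.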


@ -836,6 +836,37 @@ class posixAccount extends baseModule implements passwordService {
} }
} }
} }
// set new group on homedirectory
if (!empty($this->orig[$this->getHomedirAttrName()][0]) && !empty($this->attributes[$this->getHomedirAttrName()][0])
&& ($this->orig['gidNumber'][0] != $this->attributes['gidNumber'][0])) {
$lamdaemonServers = explode(";", $_SESSION['config']->get_scriptServers());
for ($i = 0; $i < sizeof($lamdaemonServers); $i++) {
if (empty($lamdaemonServers[$i])) {
continue;
}
$temp = explode(":", $lamdaemonServers[$i]);
$server = $temp[0];
$result = lamdaemon(
implode(
self::$SPLIT_DELIMITER,
array(
$this->attributes['uid'][0],
"home",
"chgrp",
$this->orig[$this->getHomedirAttrName()][0],
$this->attributes['uidNumber'][0],
$this->attributes['gidNumber'][0])
),
$server);
// lamdaemon results
if (is_array($result)) {
$singleresult = explode(",", $result[0]);
if (($singleresult[0] == 'ERROR') || ($singleresult[0] == 'INFO') || ($singleresult[0] == 'WARN')) {
$messages[] = $singleresult;
}
}
}
}
// set group of names // set group of names
if (self::areGroupOfNamesActive()) { if (self::areGroupOfNamesActive()) {
$gons = $this->findGroupOfNames(); $gons = $this->findGroupOfNames();
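Review bot: A `lamdaemon()` result that is not an array, or is an empty one, is silently dropped in the new chgrp loop. A server that could not be reached then leaves nothing in `$messages`, and the administrator gets no sign that the home directory kept its old group; an `else` branch that appends a WARN entry naming `$server` would close that gap. The request also always sends `$this->orig[$this->getHomedirAttrName()][0]` as the path. If the home directory attribute changes in the same save and the move step (outside this hunk) runs first, the daemon will presumably not find the old path and reply "Ok" (skipped), so a comment stating the intended order, or sending the current path in that case, would help. The enclosing method starts and ends outside the hunk.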


@ -3,7 +3,7 @@
$Id$ $Id$
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2006 - 2014 Roland Gruber Copyright (C) 2006 - 2015 Roland Gruber
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -171,7 +171,7 @@ function lamTestLamdaemon($command, $stopTest, $handle, $testText, $container) {
*/ */
function lamRunLamdaemonTestSuite($serverName, $serverTitle, $testQuota, $container) { function lamRunLamdaemonTestSuite($serverName, $serverTitle, $testQuota, $container) {
$SPLIT_DELIMITER = "###x##y##x###"; $SPLIT_DELIMITER = "###x##y##x###";
$LAMDAEMON_PROTOCOL_VERSION = '4'; $LAMDAEMON_PROTOCOL_VERSION = '5';
$okImage = "../../graphics/pass.png"; $okImage = "../../graphics/pass.png";
$failImage = "../../graphics/fail.png"; $failImage = "../../graphics/fail.png";